Deloitte is a sitting duck: Key systems with RDP open, VPN and proxy ‘login details leaked’

Yes, that’s Gartner’s security consultancy of the year […] On Tuesday, what seemed to be a collection of Deloitte’s corporate VPN passwords, user names, and operational details were found lurking within a public-facing GitHub-hosted repository. These have since been removed in the past hour or so. In addition, it appears that a Deloitte employee uploaded Read more about Deloitte is a sitting duck: Key systems with RDP open, VPN and proxy ‘login details leaked’[…]

Broadcom SoC allow remote code execution in many wifi equiped phones, routers

Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. […] However, since the “Channel Number” field is not validated, an attacker can Read more about Broadcom SoC allow remote code execution in many wifi equiped phones, routers[…]

Artificial intelligence just made guessing your password a whole lot easier

Scientists have harnessed the power of artificial intelligence (AI) to create a program that, combined with existing tools, figured more than a quarter of the passwords from a set of more than 43 million LinkedIn profiles. Yet the researchers say the technology may also be used to beat baddies at their own game. […] The Read more about Artificial intelligence just made guessing your password a whole lot easier[…]

BlueBorne: Turn off your bluetooth

Armis Labs revealed a new attack vector endangering major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux, and the devices using them. The new vector is dubbed “BlueBorne”, as it spread through the air (airborne) and attacks devices via Bluetooth. Armis has also disclosed eight related zero-day vulnerabilities, four of which Read more about BlueBorne: Turn off your bluetooth[…]

Outlook.com looking more like an outage outbreak for Europe

Microsoft’s email services got hit with not one but two bugs today: in addition to an earlier blip with Exchange Online, Microsoft confirmed it is now probing “issues” with “some” Outlook.com users in Europe. According to downdetector.com, more than a thousand users have reported problems such as trouble receiving messages and logging in to their Read more about Outlook.com looking more like an outage outbreak for Europe[…]

Introducing: Unity Machine Learning Agents for Tensorflow

Unity Machine Learning Agents We call our solution Unity Machine Learning Agents (ML-Agents for short), and are happy to be releasing an open beta version of our SDK today! The ML-Agents SDK allows researchers and developers to transform games and simulations created using the Unity Editor into environments where intelligent agents can be trained using Read more about Introducing: Unity Machine Learning Agents for Tensorflow[…]

Deloitte hit by cyber-attack revealing clients’ secret emails

One of the world’s “big four” accountancy firms has been targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients, the Guardian can reveal. […] One of the largest private firms in the US, which reported a record $37bn (£27.3bn) revenue last year, Deloitte provides auditing, tax Read more about Deloitte hit by cyber-attack revealing clients’ secret emails[…]

A Literal Tree Illustration Shows How Languages Are Connected

Did you know that most of the different languages we speak today can actually be placed in only a couple of groups by their origin? This is what illustrator Minna Sundberg has captured in an elegant infographic of a linguistic tree which reveals some fascinating links between different tongues. Source: This Amazing Tree That Shows Read more about A Literal Tree Illustration Shows How Languages Are Connected[…]

Closed source corporate DRM for money grabbers is forced onto open source web with flimsiest of excuses

The trouble with DRM is that it’s sort of ineffective. It tends to make things inconvenient for people who legitimately bought a song or movie while failing to stop piracy. Some rights holders, like Ubisoft, have come around to the idea that DRM is counterproductive. Steve Jobs famously wrote about the inanity of DRM in Read more about Closed source corporate DRM for money grabbers is forced onto open source web with flimsiest of excuses[…]

SVR Tracking leaks info for hundreds of thousands of vehicles. Turns out they have been tracking you even when your car wasn’t stolen.

Researchers discovered a misconfigured Amazon AWS S3 bucket that was left publically available. The breach has exposed information about their customers and re-seller network and also the physical device that is attached to the cars. The repository contained over a half of a million records with logins / passwords, emails, VIN (vehicle identification number), IMEI Read more about SVR Tracking leaks info for hundreds of thousands of vehicles. Turns out they have been tracking you even when your car wasn’t stolen.[…]

Equifax fooled again! Blundering credit biz directs hack attack victims to parody site

When news of the hack was published on September 7, over a month after its scale had been discovered, Equifax set up a website for worried customers to check if they had been affected – equifaxsecurity2017.com – rather than setting it up on the equifax.com domain. As a bit of fun security researcher Nick Sweeting Read more about Equifax fooled again! Blundering credit biz directs hack attack victims to parody site[…]

Ccleaner infection: what happened? Turns out it was targeting companies & had been running for longer than thought

Ccleaner v5.33, software that allows you to clean up the cruft that comes with use and with newly installed machines, was infected with Floxif malware which installed itself on peoples machines together with the ccleaner. Floxif is a malware downloader that gathers information about infected systems and sends it back to its Command & Control Read more about Ccleaner infection: what happened? Turns out it was targeting companies & had been running for longer than thought[…]

SEC’s EDGAR database hacked, hackers use data for insider trading.

In August 2017, the Commission learned that an incident previously detected in 2016 may have provided the basis for illicit gain through trading. Specifically, a software vulnerability in the test filing component of the Commission’s EDGAR system, which was patched promptly after discovery, was exploited and resulted in access to nonpublic information. It is believed Read more about SEC’s EDGAR database hacked, hackers use data for insider trading.[…]

Attention adults working in the real world: Do not upgrade to iOS 11 if you use Outlook, Exchange

Apple’s latest version of iOS, namely version 11, may struggle or flat-out fail to connect to Microsoft Office and Exchange mailboxes. That’s a rather annoying pain for anyone working in a typical Windows-based work environment. The Cupertino idiot-tax operation admitted this week that iOS 11 contains a bug that potentially leaves users locked out of Read more about Attention adults working in the real world: Do not upgrade to iOS 11 if you use Outlook, Exchange[…]

Popular GO Android alternate Keyboard is spying on millions of Android users

Security researchers from Adguard have issued a warning that the popular GO Keyboard app is spying on users. Produced by Chinese developers GOMO Dev Team, GO Keyboard was found to be transmitting personal information about users back to remote servers, as well as “using a prohibited technique to download dangerous executable code.” Adguard made the Read more about Popular GO Android alternate Keyboard is spying on millions of Android users[…]

EU Paid For Report That Said Piracy Isn’t Harmful — And Tried To Hide Findings

According to Julia Reda’s blog, the only Pirate in the EU Parliament, the European Commission in 2014 paid the Dutch consulting firm Ecorys 360,000 euros (about $428,000) to research the effect piracy had on sales of copyrighted content. The final report was finished in May 2015, but was never published because the report concluded that Read more about EU Paid For Report That Said Piracy Isn’t Harmful — And Tried To Hide Findings[…]

Holdout ISPs Ziggo and XS4ALL forced to censor the web by high court in the name of – money!

The courts in the Hague has forced ISPs to block the Pirate Bay. Surprisinly they haven’t foced a block of Google and Bing, that also link to copyrighted materials. Anyhway, this is on the insistence of BREIN, who – like the RIAA – think they should be getting the income from music so that they Read more about Holdout ISPs Ziggo and XS4ALL forced to censor the web by high court in the name of – money![…]

HP pushes third-party ink blocking printer firmware update (again)

Hewlett Packard (HP) released a new firmware for the company’s Officejet printers that appears to block third-party ink from functioning correctly. The company caused quite the uproar a year ago when it released a firmware for some of its printer families that blocked non-HP cartridges in company printers. HP released a firmware update a month Read more about HP pushes third-party ink blocking printer firmware update (again)[…]

Equifax another breach: had ‘admin’ as login and password in Argentina

Cyber-crime blogger Brian Krebs said that an online employee tool used in the country could be accessed by typing “admin” as both a login and password. He added that this gave access to records that included thousands of customers’ national identity numbers. Last week, the firm revealed a separate attack affecting millions in the US. Read more about Equifax another breach: had ‘admin’ as login and password in Argentina[…]

AI’s can generate fake reviews indistinguishable from real reviews for both humans and fake review detectors

Fake reviews used to be crowdsourced. Now they can be auto-generated by AI, according to a new research paper shared by AmiMoJo: In this paper, we identify a new class of attacks that leverage deep learning language models (Recurrent Neural Networks or RNNs) to automate the generation of fake online reviews for products and services. Read more about AI’s can generate fake reviews indistinguishable from real reviews for both humans and fake review detectors[…]

Companies use software limitations to screw customers over more and more often, kill competition

What began with printers and spread to phones is coming to everything: this kind of technology has proliferated to smart thermostats (no apps that let you turn your AC cooler when the power company dials it up a couple degrees), tractors (no buying your parts from third-party companies), cars (no taking your GM to an Read more about Companies use software limitations to screw customers over more and more often, kill competition[…]

ProtonVPN: Secure and Free VPN service for protecting your privacy

We believe privacy and security are fundamental human rights, so we also provide a free version of ProtonVPN to the public. Unlike other free VPNs, there are no catches. We don’t serve ads or secretly sell your browsing history. ProtonVPN Free is subsidized by ProtonVPN paid users. If you would like to support online privacy, Read more about ProtonVPN: Secure and Free VPN service for protecting your privacy[…]

Moneyback leaks 500k tourists to Mexico customer records: passports, credit cards, IDs.

Have you been to Mexico in the last year as a tourist and applied for a tax refund on the money you spent while shopping there? If you have, chances are your passport, credit card, or other identification might have been leaked online. The Kromtech Security Research Center has discovered a misconfigured database with nearly Read more about Moneyback leaks 500k tourists to Mexico customer records: passports, credit cards, IDs.[…]

A.I. can detect the sexual orientation of a person based on one photo, research shows

The Stanford University study, which is set to be published in the Journal of Personality and Social Psychology and was first reported in The Economist, found that machines had a far superior “gaydar” when compared to humans. The machine intelligence tested in the research could correctly infer between gay and straight men 81 percent of Read more about A.I. can detect the sexual orientation of a person based on one photo, research shows[…]

Flip-flop qubits: Radical new quantum computing design invented

Tosi’s conceptual breakthrough is the creation of an entirely new type of qubit, using both the nucleus and the electron. In this approach, a qubit ‘0’ state is defined when the spin of the electron is down and the nucleus spin is up, while the ‘1’ state is when the electron spin is up, and Read more about Flip-flop qubits: Radical new quantum computing design invented[…]